Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

ICMP 'EtherLeak' Information Disclosure

Information

Severity

Severity

Medium

Family

Family

General

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Summary

The remote host is prone to an information disclosure vulnerability over ICMP (EtherLeak).

Insight

Insight

Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by EtherLeak.

Detection Method

Detection Method

Sends multiple crafted ICMP packets and checks the responses.

Solution

Solution

Contact the vendor of the network device driver for a solution.

Common Vulnerabilities and Exposures (CVE)